0481a0e6b354f6c12b9edeaab12ddfcb40efa5bdf7f06dd3e85e63ad546dcc95 | Triage

Sharing

General

Target

0481a0e6b354f6c12b9edeaab12ddfcb40efa5bdf7f06dd3e85e63ad546dcc95
Size

8.7MB
Sample

240523-f8p2aafc7x
MD5

ec8e8acd33199e6890c68ba94e2f88c3
SHA1

6a21fb844acd21301ed9477343b6e667c08c18eb
SHA256

0481a0e6b354f6c12b9edeaab12ddfcb40efa5bdf7f06dd3e85e63ad546dcc95
SHA512

60609ad513571ada650b201d3bf91fb4a84e8a4b3c2d9d9ccf9a49bf5b948eeb078bd306bd4b264855247bc254e15c97c7ce814b573f4c1854997f26469f84f1
SSDEEP

196608:TL5h5tG5490qJX9eJih9RisOyce2wS5l1BhEhXyg+AoRm/mS/:35nGo0w9eJ4RiPVe2wS5HEhXR+AoR

Score

8^/10

evasion

Malware Config

Targets

- Target
  
  0481a0e6b354f6c12b9edeaab12ddfcb40efa5bdf7f06dd3e85e63ad546dcc95
- Size
  
  8.7MB
- MD5
  
  ec8e8acd33199e6890c68ba94e2f88c3
- SHA1
  
  6a21fb844acd21301ed9477343b6e667c08c18eb
- SHA256
  
  0481a0e6b354f6c12b9edeaab12ddfcb40efa5bdf7f06dd3e85e63ad546dcc95
- SHA512
  
  60609ad513571ada650b201d3bf91fb4a84e8a4b3c2d9d9ccf9a49bf5b948eeb078bd306bd4b264855247bc254e15c97c7ce814b573f4c1854997f26469f84f1
- SSDEEP
  
  196608:TL5h5tG5490qJX9eJih9RisOyce2wS5l1BhEhXyg+AoRm/mS/:35nGo0w9eJ4RiPVe2wS5HEhXR+AoR
Score

8^/10

evasion
- Modifies Windows Firewall
  evasion
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2